Research And Application Of JavaScript Malicious Code Detection Technology Based On Deep Learning

JavaScript is widely used as a carrier to spread malicious code,however,the traditional malicious code detection method is difficult to identify the distorted malicious code,which requires complex feature engineering to extract the key features of malicious code,and the quality of classifier detection directly depends on the selected features,so it is very important to propose a better feature extraction method.Deep learning method has the ability to learn data rules from massive data,which is suitable for processing high-dimensional complex and large-sample malicious code data nowadays.Based on this,this paper presented a JavaScript malicious code detection method based on Convolutional Neural Network(CNN)and method based on Stacked Sparse Denoising Auto-Encoder Network(sSDAN).According to excellent achievements of CNN in the field of image recognition,this paper proposed a JavaScript malicious code detection method based on CNN.Firstly,code sample data were converted to the corresponding gray-scale image data,the image data sets was obtained,then,the features consisting of extraction convolution and pooling layer were used effectively to extract the image features,and finally,softmax classifier was used to classify and forecast.Compared with the traditional machine learning classification algorithm,CNN detection model has higher accuracy and lower the rate of false positives.According to the excellent effect of auto-encode network in dealing with excessive dimensions and redundant data of feature information,this paper proposed a JavaScript malicious code detection method based on sSDAN.Firstly,code samples were converted to vector data as an input of sSDAN mode.Then,sparse restrictions and gaussian noise were added to train step by step,the expression of differentcharacteristics of malicious code can be obtained after the effective denoising.Finally,the model testing results were verified through many experiments,the experimental results show sSDAN is suitable for the current high dimensional,complicated and changeable malicious code,which provides a new train of thought for the current malicious code detection.At last,based on the above CNN detection model,a Chrome extension tool was designed and implemented to detect the presence of malicious JavaScript code in web pages.